The growth of infrastructure and applications has been enabled in part
by an increasing trend towards automation everywhere.
Configuration as code (such as Chef or Puppet with Packer)
has enabled automated machine configuration. Infrastructure
as code (such as Terraform) has enabled
automatic infrastructure creation. And schedulers (such as
Nomad and Kubernetes) have enabled
automatic application deployment.
Sentinel enables guardrails to be put in place
on automation while allowing the codification and automatic enforcement
of business requirements in critical areas of your infrastructure.

Meanwhile, businesses have business requirements and sometimes legal
requirements which must be expressed in policies. Traditionally, these
policies are enforced by humans. But in a highly automated world, the
automation is only as fast as its slowest component. In many cases, this
is the human verification step.

As an example: before infrastructure as code and autoscaling, if an order
came through for 5,000 new machines, a human would likely respond to the
ticket verifying that the user really intended to order 5,000 new machines.
Today, automation can almost always freely order 5,000 new compute instances
without any hesitation, which can result in unintended expense or system
instability.

Sentinel introduces policy as code
and a powerful framework built-in to HashiCorp tooling to allow automation
guardrails, business requirements, legal compliance, and more to be
actively enforced by the running systems in realtime.

With Sentinel, you can require an override to create certain numbers of
infrastructure resources. You can disallow unsafe deployment configurations
with Nomad. You can enforce certain key/value formats in Consul. You
can restrict secret access by time in Vault. And more.

Sentinel is available today in HashiCorp enterprise products. You can
try Sentinel immediately with the getting started guide or learn more about the integrations in the
documentation.